|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
10-01-2007
| #1 (permalink) |
| | How to Verify Users are Disabled in Active Directory I have a list of several users in an excel spreadsheet. Is it possible to retrieve the users in the excel spreadsheet and parse active directory to ensure that those users are disabled? |
My System Specs |
|
10-01-2007
| #2 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory Is it a CSV file or plain Excel? You can use this to test the user function Test-ADUser{ param($user,$dom) $root = [ADSI]"LDAP://$dom" $filter = "(&(objectcategory=user)(sAMAccountName=$user))" $user = (new-Object System.DirectoryServices.DirectorySearcher($filter)).findone() $user = $user.GetDirectoryEntry() $user.psbase.invokeget('accountdisabled') } Returns $true if disabled $false if not "Rey Perez" <Rey Perez@xxxxxx> wrote in message news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx Quote: >I have a list of several users in an excel spreadsheet. Is it possible to > retrieve the users in the excel spreadsheet and parse active directory to > ensure that those users are disabled? |
| My System Specs |
|
10-01-2007
| #3 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory It's a plain excel. Thanks for the help! "Brandon Shell" wrote: Quote: > Is it a CSV file or plain Excel? > > You can use this to test the user > > function Test-ADUser{ > param($user,$dom) > $root = [ADSI]"LDAP://$dom" > $filter = "(&(objectcategory=user)(sAMAccountName=$user))" > $user = (new-Object > System.DirectoryServices.DirectorySearcher($filter)).findone() > $user = $user.GetDirectoryEntry() > $user.psbase.invokeget('accountdisabled') > } > > Returns $true if disabled $false if not > > "Rey Perez" <Rey Perez@xxxxxx> wrote in message > news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx Quote: > >I have a list of several users in an excel spreadsheet. Is it possible to > > retrieve the users in the excel spreadsheet and parse active directory to > > ensure that those users are disabled? > |
| My System Specs |
|
10-01-2007
| #4 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory colum and row one would expect the User name to be in? "Rey Perez" <ReyPerez@xxxxxx> wrote in message news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx Quote: > It's a plain excel. > > Thanks for the help! > > > "Brandon Shell" wrote: > Quote: >> Is it a CSV file or plain Excel? >> >> You can use this to test the user >> >> function Test-ADUser{ >> param($user,$dom) >> $root = [ADSI]"LDAP://$dom" >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" >> $user = (new-Object >> System.DirectoryServices.DirectorySearcher($filter)).findone() >> $user = $user.GetDirectoryEntry() >> $user.psbase.invokeget('accountdisabled') >> } >> >> Returns $true if disabled $false if not >> >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx Quote: >> >I have a list of several users in an excel spreadsheet. Is it possible >> >to >> > retrieve the users in the excel spreadsheet and parse active directory >> > to >> > ensure that those users are disabled? >> |
| My System Specs |
|
10-02-2007
| #5 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory Column A Row 1. "Brandon Shell" wrote: Quote: > colum and row one would expect the User name to be in? > > "Rey Perez" <ReyPerez@xxxxxx> wrote in message > news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx Quote: > > It's a plain excel. > > > > Thanks for the help! > > > > > > "Brandon Shell" wrote: > > Quote: > >> Is it a CSV file or plain Excel? > >> > >> You can use this to test the user > >> > >> function Test-ADUser{ > >> param($user,$dom) > >> $root = [ADSI]"LDAP://$dom" > >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" > >> $user = (new-Object > >> System.DirectoryServices.DirectorySearcher($filter)).findone() > >> $user = $user.GetDirectoryEntry() > >> $user.psbase.invokeget('accountdisabled') > >> } > >> > >> Returns $true if disabled $false if not > >> > >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message > >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx > >> >I have a list of several users in an excel spreadsheet. Is it possible > >> >to > >> > retrieve the users in the excel spreadsheet and parse active directory > >> > to > >> > ensure that those users are disabled? > >> > >> > |
| My System Specs |
|
10-02-2007
| #6 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory It would be much simpler if you could save as a CSV... I assume you just have one sheet in the work book. "Rey Perez" <ReyPerez@xxxxxx> wrote in message news:6100B29D-E903-473B-A30C-474E79B3E174@xxxxxx Quote: > Column A Row 1. > > > "Brandon Shell" wrote: > Quote: >> colum and row one would expect the User name to be in? >> >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message >> news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx Quote: >> > It's a plain excel. >> > >> > Thanks for the help! >> > >> > >> > "Brandon Shell" wrote: >> > >> >> Is it a CSV file or plain Excel? >> >> >> >> You can use this to test the user >> >> >> >> function Test-ADUser{ >> >> param($user,$dom) >> >> $root = [ADSI]"LDAP://$dom" >> >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" >> >> $user = (new-Object >> >> System.DirectoryServices.DirectorySearcher($filter)).findone() >> >> $user = $user.GetDirectoryEntry() >> >> $user.psbase.invokeget('accountdisabled') >> >> } >> >> >> >> Returns $true if disabled $false if not >> >> >> >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message >> >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx >> >> >I have a list of several users in an excel spreadsheet. Is it >> >> >possible >> >> >to >> >> > retrieve the users in the excel spreadsheet and parse active >> >> > directory >> >> > to >> >> > ensure that those users are disabled? >> >> >> >> >> |
| My System Specs |
|
10-02-2007
| #7 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory I'm all about simple. I just changed it to CSV. "Brandon Shell" wrote: Quote: > It would be much simpler if you could save as a CSV... > > I assume you just have one sheet in the work book. > > "Rey Perez" <ReyPerez@xxxxxx> wrote in message > news:6100B29D-E903-473B-A30C-474E79B3E174@xxxxxx Quote: > > Column A Row 1. > > > > > > "Brandon Shell" wrote: > > Quote: > >> colum and row one would expect the User name to be in? > >> > >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message > >> news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx > >> > It's a plain excel. > >> > > >> > Thanks for the help! > >> > > >> > > >> > "Brandon Shell" wrote: > >> > > >> >> Is it a CSV file or plain Excel? > >> >> > >> >> You can use this to test the user > >> >> > >> >> function Test-ADUser{ > >> >> param($user,$dom) > >> >> $root = [ADSI]"LDAP://$dom" > >> >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" > >> >> $user = (new-Object > >> >> System.DirectoryServices.DirectorySearcher($filter)).findone() > >> >> $user = $user.GetDirectoryEntry() > >> >> $user.psbase.invokeget('accountdisabled') > >> >> } > >> >> > >> >> Returns $true if disabled $false if not > >> >> > >> >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message > >> >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx > >> >> >I have a list of several users in an excel spreadsheet. Is it > >> >> >possible > >> >> >to > >> >> > retrieve the users in the excel spreadsheet and parse active > >> >> > directory > >> >> > to > >> >> > ensure that those users are disabled? > >> >> > >> >> > >> > >> > |
| My System Specs |
|
10-02-2007
| #8 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory Try this... If you can add a Header Row called LogonName function Test-ADUser{ param($user,$dom) $root = [ADSI]"LDAP://$dom" $filter = "(&(objectcategory=user)(sAMAccountName=$user))" $user = (new-Object System.DirectoryServices.DirectorySearcher($filter)).findone() $user = $user.GetDirectoryEntry() $user.psbase.invokeget('accountdisabled') } $users = import-Csv c:\mycsvfile.csv foreach($user in $users) { $result = Test-ADUser $user.LogonName if($results){"{0} is Disabled" -f $user.LogonName} else{"{0} is NOT Disabled" -f $user.LogonName} } "Rey Perez" <ReyPerez@xxxxxx> wrote in message news:B61106CB-F5FF-48F2-A033-1DE34B572D5F@xxxxxx Quote: > I'm all about simple. I just changed it to CSV. > > "Brandon Shell" wrote: > Quote: >> It would be much simpler if you could save as a CSV... >> >> I assume you just have one sheet in the work book. >> >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message >> news:6100B29D-E903-473B-A30C-474E79B3E174@xxxxxx Quote: >> > Column A Row 1. >> > >> > >> > "Brandon Shell" wrote: >> > >> >> colum and row one would expect the User name to be in? >> >> >> >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message >> >> news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx >> >> > It's a plain excel. >> >> > >> >> > Thanks for the help! >> >> > >> >> > >> >> > "Brandon Shell" wrote: >> >> > >> >> >> Is it a CSV file or plain Excel? >> >> >> >> >> >> You can use this to test the user >> >> >> >> >> >> function Test-ADUser{ >> >> >> param($user,$dom) >> >> >> $root = [ADSI]"LDAP://$dom" >> >> >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" >> >> >> $user = (new-Object >> >> >> System.DirectoryServices.DirectorySearcher($filter)).findone() >> >> >> $user = $user.GetDirectoryEntry() >> >> >> $user.psbase.invokeget('accountdisabled') >> >> >> } >> >> >> >> >> >> Returns $true if disabled $false if not >> >> >> >> >> >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message >> >> >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx >> >> >> >I have a list of several users in an excel spreadsheet. Is it >> >> >> >possible >> >> >> >to >> >> >> > retrieve the users in the excel spreadsheet and parse active >> >> >> > directory >> >> >> > to >> >> >> > ensure that those users are disabled? >> >> >> >> >> >> >> >> >> >> >> |
| My System Specs |
|
10-06-2007
| #9 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory Hi Rey, This might be simpler if you use the Quest AD cmdlets (which are free). To get the users identified in the csv file and then specifically look them up by LogonName (assuming that it has a header called LogonName and contains logon names), you could use this one-liner: Import-Csv C:\MyCsvFile.csv | Add-Member -Name VerifiedDisabled -MemberType ScriptProperty -Value {$user = Get-QADUser -LogonName $this.LogonName; ($user -ne $null) -and ($user.UserAccountControl -band 2) } -PassThru This will output a table of LogonName and VerifiedDisabled values. If you only want those that are not disabled, just append | Where-Object { $_.VerifiedDisabled -eq $false } to the end of the one-liner Brandon's script below will also work, but I wanted to present another option. Either one will do the trick. If you want to get the Quest AD cmdlets, you can download them anonymously here: http://www.quest.com/activeroles-server/arms.aspx - Kirk Munro Poshoholic http://poshoholic.com "Brandon Shell" <tshell.mask@xxxxxx> wrote in message news:O1S%231UTBIHA.5652@xxxxxx Quote: > Try this... If you can add a Header Row called LogonName > > function Test-ADUser{ > param($user,$dom) > $root = [ADSI]"LDAP://$dom" > $filter = "(&(objectcategory=user)(sAMAccountName=$user))" > $user = (new-Object > System.DirectoryServices.DirectorySearcher($filter)).findone() > $user = $user.GetDirectoryEntry() > $user.psbase.invokeget('accountdisabled') > } > > $users = import-Csv c:\mycsvfile.csv > foreach($user in $users) > { > $result = Test-ADUser $user.LogonName > if($results){"{0} is Disabled" -f $user.LogonName} > else{"{0} is NOT Disabled" -f $user.LogonName} > } > > "Rey Perez" <ReyPerez@xxxxxx> wrote in message > news:B61106CB-F5FF-48F2-A033-1DE34B572D5F@xxxxxx Quote: >> I'm all about simple. I just changed it to CSV. >> >> "Brandon Shell" wrote: >> Quote: >>> It would be much simpler if you could save as a CSV... >>> >>> I assume you just have one sheet in the work book. >>> >>> "Rey Perez" <ReyPerez@xxxxxx> wrote in message >>> news:6100B29D-E903-473B-A30C-474E79B3E174@xxxxxx >>> > Column A Row 1. >>> > >>> > >>> > "Brandon Shell" wrote: >>> > >>> >> colum and row one would expect the User name to be in? >>> >> >>> >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message >>> >> news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx >>> >> > It's a plain excel. >>> >> > >>> >> > Thanks for the help! >>> >> > >>> >> > >>> >> > "Brandon Shell" wrote: >>> >> > >>> >> >> Is it a CSV file or plain Excel? >>> >> >> >>> >> >> You can use this to test the user >>> >> >> >>> >> >> function Test-ADUser{ >>> >> >> param($user,$dom) >>> >> >> $root = [ADSI]"LDAP://$dom" >>> >> >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" >>> >> >> $user = (new-Object >>> >> >> System.DirectoryServices.DirectorySearcher($filter)).findone() >>> >> >> $user = $user.GetDirectoryEntry() >>> >> >> $user.psbase.invokeget('accountdisabled') >>> >> >> } >>> >> >> >>> >> >> Returns $true if disabled $false if not >>> >> >> >>> >> >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message >>> >> >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx >>> >> >> >I have a list of several users in an excel spreadsheet. Is it >>> >> >> >possible >>> >> >> >to >>> >> >> > retrieve the users in the excel spreadsheet and parse active >>> >> >> > directory >>> >> >> > to >>> >> >> > ensure that those users are disabled? >>> >> >> >>> >> >> >>> >> >>> >> >>> >>> |
| My System Specs |
|
10-22-2007
| #10 (permalink) |
| | Re: How to Verify Users are Disabled in Active Directory Hi Brandon, I've been testing this script and it says all my accounts are NOT disabled when some of them actually are. Thanks, Rey "Brandon Shell" wrote: Quote: > Try this... If you can add a Header Row called LogonName > > function Test-ADUser{ > param($user,$dom) > $root = [ADSI]"LDAP://$dom" > $filter = "(&(objectcategory=user)(sAMAccountName=$user))" > $user = (new-Object > System.DirectoryServices.DirectorySearcher($filter)).findone() > $user = $user.GetDirectoryEntry() > $user.psbase.invokeget('accountdisabled') > } > > $users = import-Csv c:\mycsvfile.csv > foreach($user in $users) > { > $result = Test-ADUser $user.LogonName > if($results){"{0} is Disabled" -f $user.LogonName} > else{"{0} is NOT Disabled" -f $user.LogonName} > } > > "Rey Perez" <ReyPerez@xxxxxx> wrote in message > news:B61106CB-F5FF-48F2-A033-1DE34B572D5F@xxxxxx Quote: > > I'm all about simple. I just changed it to CSV. > > > > "Brandon Shell" wrote: > > Quote: > >> It would be much simpler if you could save as a CSV... > >> > >> I assume you just have one sheet in the work book. > >> > >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message > >> news:6100B29D-E903-473B-A30C-474E79B3E174@xxxxxx > >> > Column A Row 1. > >> > > >> > > >> > "Brandon Shell" wrote: > >> > > >> >> colum and row one would expect the User name to be in? > >> >> > >> >> "Rey Perez" <ReyPerez@xxxxxx> wrote in message > >> >> news:401E7742-57A2-4F40-88A8-407DA840B21D@xxxxxx > >> >> > It's a plain excel. > >> >> > > >> >> > Thanks for the help! > >> >> > > >> >> > > >> >> > "Brandon Shell" wrote: > >> >> > > >> >> >> Is it a CSV file or plain Excel? > >> >> >> > >> >> >> You can use this to test the user > >> >> >> > >> >> >> function Test-ADUser{ > >> >> >> param($user,$dom) > >> >> >> $root = [ADSI]"LDAP://$dom" > >> >> >> $filter = "(&(objectcategory=user)(sAMAccountName=$user))" > >> >> >> $user = (new-Object > >> >> >> System.DirectoryServices.DirectorySearcher($filter)).findone() > >> >> >> $user = $user.GetDirectoryEntry() > >> >> >> $user.psbase.invokeget('accountdisabled') > >> >> >> } > >> >> >> > >> >> >> Returns $true if disabled $false if not > >> >> >> > >> >> >> "Rey Perez" <Rey Perez@xxxxxx> wrote in message > >> >> >> news:E68997A1-872D-44FB-9DD7-DF4C56907503@xxxxxx > >> >> >> >I have a list of several users in an excel spreadsheet. Is it > >> >> >> >possible > >> >> >> >to > >> >> >> > retrieve the users in the excel spreadsheet and parse active > >> >> >> > directory > >> >> >> > to > >> >> >> > ensure that those users are disabled? > >> >> >> > >> >> >> > >> >> > >> >> > >> > >> > |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| RE: Get all Mail-enabled Users from Active Directory using PowerShell | PowerShell | |||
| Active Directory Users and Computers in 64 bit Vista | Vista General | |||
| Script to add computer in Active Directory to all users in an OU | VB Script | |||
| Active Directory: getting a list of users | PowerShell | |||
| Active Directory users and computers snap-in | Vista General | |||
